Fully Integrated Hardware Security
Today, as software defines an increasing amount of our daily lives, the need to protect the hardware behind it has never been greater. Securing data-at-rest, in-transit, and in-use has become standardized across the industry, making hardware security essential throughout a chip’s lifespan, from fabrication to end of life.
Here at PUFsecurity, our ‘drop-in’ integrated IP security blocks combine analog and digital designs to provide a true Hardware Root of Trust unparalleled in the market today. We have streamlined the key management process, removing additional enrollment costs, enhancing chip protection, and providing comprehensive, compatible security for the next generation of semiconductors.
Hardware Root of Trust: PUFrt
Hardware root key generation and storage that never leaves the chip
PUFrt offers the essential features required for establishing a secure Hardware Root of Trust, including a TRNG, UID, Secure OTP, and a resilient anti-tamper shell to protect against attacks. This Riscure-certified IP provides a foundation of trust at the hardware level for semiconductors. It effortlessly integrates with a wide variety of systems, from lightweight hardware security keys to full-functioning Security Coprocessors. PUFrt helps secure the semiconductor supply chain, eradicate counterfeiting, combat reverse engineering, and revolutionize how we authenticate our devices.
Tamperproof Storage: Secure OTP
Data protection from safeguarded anti-fuse OTP memory
Secure OTP represents the next generation in key, data, and secret storage solutions. It enhances standard OTP solutions to provide secure storage for data in use, transit, or rest. Secure OTP combines physical macros and digital RTL, alongside a controller and a resilient anti-tamper shell, to provide stored data with comprehensive protection against hardware attacks.
It supports various interface controllers (I/F), providing effortless integration and compatibility across multiple IC applications. On average, it takes only five minutes for a deployed IoT device to receive its first attack. The security of any device is only as strong as its weakest link, and in modern chip design today, data storage is often left unsecured. Storing sensitive data, such as keys and boot code, in unsecured legacy e-fuse solutions is no longer feasible. Therefore, PUFsecurity’s Secure OTP is calibrated to ease the transition into tamperproof anti-fuse OTP storage.
Crypto Coprocessor: PUFcc
Certified Cryptography Engine combining both digital and analog IPs
PUFcc is the only Crypto Coprocessor available today to provide key generation, key storage, and a complete crypto engine as a single drop-in IP block. The Secure Coprocessor builds on the PUFrt’s Hardware Root of Trust with a comprehensive Crypto Accelerator providing Secure Boot, OTA, TLS, and Key Management. PUFcc also includes a complete set of NIST CAVP and 3rd Party Chinese OSCCA certified hardware cryptographic algorithms. These are easily customizable for multiple security operations across various IoT applications. In addition, PUFcc offers a hassle-free SoC design process, with a standard APB control interface used for register access control and a DMA with a standard AXI4 control interface to provide quick, secure access to a greater amount of system memory data.
Flash Protection Series
Full suite of asset protection solutions that enhance SoC security
The security provided by the Hardware Root of Trust and Crypto Coprocessor of PUFcc can be expanded to secure other hardware components within an SoC. PUFsecurity’s Flash Protection Series provides compatible protection for various flash solutions, such as embedded Flash, external NAND Flash, and external NOR Flash, and their corresponding derived solutions. These solutions allow PUF-based chip fingerprinting across an SoC, extending the secure boundary into upper architecture layers to protect other hardware components and the software assets. PUFsecurity’s Flash Protection Series can safeguard firmware and proprietary software assets embedded in a chip, extending PUFcc’s secure boundary across the SoC.
Secure Element: PUFse
The Next Generation of Security Subsystems
PUFse is a security subsystem that independently performs security commands requested by the main CPU. Unlike legacy solutions, PUFse is not purely software-based and instead combines both Hard Macros and Digital RTL. Its all-in-one solution includes an independent processor, Hardware Root of Trust, and Crypto Accelerator executing software solutions such as firmware protection, online updates, and secure boot. It also provides a secure computing environment with asset management, key storage, and permission control. With this complete security subsystem, PUFse removes the need for an embedded security chip or the risk of multi-vendor security architecture. This drop-in solution simplifies the customer integration and software development processes without compromising security, with state-of-the-art IC protection.